Microsoft's pain: is the patch still need to hit "patch"?

Microsoft's IE and office months have been hit by zero-day attacks. It has formed a routine loop in which Microsoft releases new patches every month in "Patch Tuesday", and there will be a lot of new zero-day attacks around here. Hackers want to extend their zeroday attacks most likely before Microsoft can deal with it. Microsoft uses customer feedback, automated tools, and antivirus alliances to understand the breadth of each new zero-day attack. If the attack is widespread, Microsoft will speed up the normal patch cycle and release the patch before the next patch Tuesday. If the attack is not widely spread, this is usually the case, Microsoft will wait until the normal release of the patch Tuesday to redistribute. Spending normal time developing and testing patches usually means that the patches will be stable (and this is even harder for Microsoft to do recently ...). This is the digression). Microsoft was also suffering when it was decided to release the Zero-day patch on a regular cycle. The media is full of the latest bugs, how to save yourself in the face of scams, etc. Even my favorite dshield.org, too early to join the media team, clutching Microsoft in millions of malicious attacks spread everywhere when not immediately release patches of the sore. In recent attacks, the so-called "millions of malicious attacks" spread to no more than 100. But others see themselves as the real themselves, in the latest patch debugging phase of Microsoft only endure pain. Whether or not the threat is only moderately spreading, consumers are waiting until the official release of patches or other compensation protections, such as configuring a Killing program, is available. Most users never use alternative protection schemes, so they are unprotected until they use the official patch. As a result, many third-party companies are releasing protective patches to make up for gaps before the official patches are released. The most concentrated manifestation is the new Zeroday Emergency Response Group (Zert). Zert is made up of a number of outstanding programmers and security experts who are committed to providing patches when official patches lag behind the needs of the public. Zert's Z-protection platform allows people to develop and use third-party Microsoft Windows patches, and allows people to uninstall the Third-party patches after the vendor provides patches. Other professionals, such as Dr. Jesper Johansson, formerly a senior security officer at Microsoft. He advises people to use compensatory defenses that can block zero-day code. Jesper recently introduced some reliable security fixes that can be configured quickly using Group Policy. Microsoft and many other security experts have warned users not to use third-party patches or fix programs. Most users should listen carefully to these comments. First, third-party patches and fixes are often not thoroughly tested as official patches. A Microsoft officer once told me that every IE security patchThousands of degradation tests are passed before release. Third-party patches do create more problems than the problems they solve. Even Jesper's excellent VML protection scripts have also caused problems in a regular patch of Windows family computer. But with official warnings, I think any company with a knowledge-rich network can benefit from third-party patches and timely advice on the crisis, provided that the network administrator has time to thoroughly test third-party patches or fixes. Some third parties react quickly to vulnerabilities such as Jesper, which, for example, write updates for their own fixes-he immediately gives advice when he notices the problem; Zert seems to have made the right choice on how to apply its patches, and the system doesn't have to modify the original compressed executable. I think that if a widely spread attack is extremely dangerous to your system environment, you should consider testing and using third-party patches or fixes. Management should be aware of the nature, risk, and final decision of a third-party patch. Any new patches--even official patches--you should thoroughly test and prepare the test recovery plan in case the patch is even worse. The responsible editor Zhao Zhaoyi@51cto.com TEL: (010) 68476636-8001 to force (0 votes) is tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title of the party (0 Votes) passed (0 Votes) Text: Microsoft's pain: The patch also need to play "patch"? Back to network security home